Analysis
- max time kernel: 291s
- max time network: 297s
- platform: windows10-2004_x64
- resource: win10v2004-20230220-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 01/05/2023, 11:47
Static task: static1
Behavioral task: behavioral1
Sample: k3265.exe
Resource: win7-20230220-en
General
- Target: k3265.exe
- Size: 384KB
- MD5: 16bc9a47111e437a3aefa392b221162b
- SHA1: c4a6fd77b8950973201d03e9c0c54a7163d115a3
- SHA256: 921f7e253498c76694e9e8a7cde9552ef163f1292692781e23a272c7ad0bbb92
- SHA512: a395a940012f79960a9fa84c734652f3d52fa153b7938d4974c1f41aadab40c18dc6c4a586e530b650bcd58be2e5371445b8a58e34d01a964c9c77ddf0ed611f
- SSDEEP: 6144:2cUHt3SGN+ZxLnrmhMWJm2FhpLzFs6OtPxA2i84u57Ftxb/:tUHtCzZxLnrmDJpjsbt5A2lhXxb
Malware Config
Signatures
- Reads user/profile data of local email clients (2 TTPs)
  Email clients store some user data on disk where infostealers will often target it.
- Reads user/profile data of web browsers (2 TTPs)
  Infostealers often target stored browser data, which can include saved credentials etc.
- Accesses cryptocurrency files/wallets, possible credential harvesting (2 TTPs)
- Checks installed software on the system (1 TTP)
  Looks up Uninstall key entries in the registry to enumerate software on the system.